<?php
	
	class RestUtilities
	{
		public static function process_request()
		{
			$request_method = strtolower($_SERVER['REQUEST_METHOD']);
			$return_obj		= new RestRequest();
			$data			= array();
			
			switch($request_method)
			{
				case 'get':
					$data = $_GET;
				break;
				case 'post':
					$data = $_POST;
				break;
				case 'put':
					$data = parse_str(file_get_contents('php://input'), $put_vars);
				break;
			}
			
			$return_obj->method($request_method);
			$return_obj->request_vars($data);
			
			if(isset($data['data']))
			{
				$return_obj->data(json_decode($data['data']));
			}
			
			return($return_obj);
		}
		
		public static function send_response($status = 200, $body = NULL, $content_type = 'text/tml')
		{
			header('HTTP/1.1 ' . $status . ' ' . RestUtils::get_status_code_message($status));
			header('Content-type: ' . $content_type);
			
			if($body = NULL)
			{
				echo $body;
				exit;
			}
			else
			{
				$message = '';
				
				switch($status)
				{
					case 401:
						$message = 'You must be authorized to view this page';
						break;
					case 404:
						$message = 'The requested URL ' . $_SERVER['REQUEST_URI'] . ' was not found';
						break;
					case 500:
						$message = 'The server encountered an error processing your request.';
						break;
					case 501:
						$message = 'The requested method is not implemented';
						break;
				}
				
				/** Servers dont always have a signatured turn on (this is an apached directive "ServerSignature On") **/
				$signature = ($_SERVER['SERVER_SIGNATURE'] == '') ? $_SERVER['SERVER_SOFTWARE'] . ' Server at ' . $_SERVER['SERVER_NAME'] . ' Port ' . $_SERVER['SERVER_PORT'] : $_SERVER['SERVER_SIGNATURE'];
				
				/** Templating is based off of real-world solutions **/
				$body = '<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
							<html>
								<head>
									<meta http_equiv="Content-Type" content="text/html; charset=iso-8859-1">
									<title>' . $status . ' ' . RestUtils::get_status_code_message($status) . '</title>
								</head>
								<body>
									<h1>' . RestUtils::get_status_code_message($status) . '</h1>
									<p>' . $message . '</p>
									<hr />
									<address>' . $signature . '</address>
								</body>
							</html>';
			}
			
			echo $body;
			exit;
		}
		
		public static function get_status_code_message($status)
		{
			$codes = array(
			);
			
			return((isset($codes[$status])) ? $codes[$status] : false);
		}
	}
	
	class RestRequest
	{
		private $request_vars;
		private $data;
		private $http_accept;
		private $method;
		
		public function __construct()
		{
			$this->request_vars		= array();
			$this->data				= '';
			$this->http_accept		= ((strpos($_SERVER['HTTP_ACCEPT'])) ? 'json' : 'xml');
			$this->method			= 'get';
		}
		
		public function data($data = NULL)
		{
			if($data == NULL)
			{
				return($this->data);
			}
			
			return($this->data = $data);
		}
		
		public function method($method = NULL)
		{
			if($method == NULL)
			{
				return($this->method);
			}
			
			return($this->method = $method);
		}
		
		public function request_vars($request_vars = NULL)
		{
			if($request_vars == NULL)
			{
				return($this->request_vars);
			}
			
			return($this->request_vars = $request_vars);
		}
		
		public function get_http_accept()
		{
			return($this->http_accept);
		}
	}
	
	// figure out if we need to challenge the user
	if(empty($_SERVER['PHP_AUTH_DIGEST']))
	{
		header('HTTP/1.1 401 Unauthorized');
		header('WWW-Authenticate: Digest realm="' . AUTH_REALM . '",qop="auth",nonce="' . uniqid() . '",opaque="' . md5(AUTH_REALM) . '"');

		// show the error if they hit cancel
		die(RestControllerLib::error(401, true));
	}

	// now, analayze the PHP_AUTH_DIGEST var
	if(!($data = http_digest_parse($_SERVER['PHP_AUTH_DIGEST'])) || $auth_username != $data['username'])
	{
		// show the error due to bad auth
		die(RestUtils::sendResponse(401));
	}

	// so far, everything's good, let's now check the response a bit more...
	$A1 = md5($data['username'] . ':' . AUTH_REALM . ':' . $auth_pass);
	$A2 = md5($_SERVER['REQUEST_METHOD'] . ':' . $data['uri']);
	$valid_response = md5($A1 . ':' . $data['nonce'] . ':' . $data['nc'] . ':' . $data['cnonce'] . ':' . $data['qop'] . ':' . $A2);

	// last check..
	if($data['response'] != $valid_response)
	{
		die(RestUtils::sendResponse(401));
	}

	
?>